Vulnerability-Lookup

CVE-2022-31801 (GCVE-0-2022-31801)

Vulnerability from cvelistv5 – Published: 2022-06-21 08:00 – Updated: 2026-06-02 20:16

Title

Insufficient Verification of Data Vulnerability in ProConOS/ProConOS eCLR SDK and MULTIPROG Engineering tool

Summary

An unauthenticated, remote attacker could upload malicious logic to the devices based on ProConOS/ProConOS eCLR in order to gain full control over the device.

Severity

9.8 (Critical)


                        
                          CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

SSVC

Exploitation: none Automatable: yes Technical Impact: total

CISA Coordinator (v2.0.3)

CWE

CWE-345 - Insufficient Verification of Data Authenticity

Assigner

CERTVDE

References

1 reference

URL	Tags
https://cert.vde.com/en/advisories/VDE-2022-026/	x_refsource_CONFIRM

Impacted products

3 products

Vendor	Product	Version
PHOENIX CONTACT	MULTIPROG	Affected: All Versions
PHOENIX CONTACT	ProConOS	Affected: All Versions
PHOENIX CONTACT	ProConOS eCLR	Affected: All Versions

Date Public

2022-06-21 00:00

Credits

This vulnerability was reported by Forescout.

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-03T07:26:01.136Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://cert.vde.com/en/advisories/VDE-2022-026/"
          }
        ],
        "title": "CVE Program Container"
      },
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2022-31801",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "yes"
                  },
                  {
                    "Technical Impact": "total"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2026-06-02T19:55:07.271340Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2026-06-02T20:16:11.339Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "MULTIPROG",
          "vendor": "PHOENIX CONTACT",
          "versions": [
            {
              "status": "affected",
              "version": "All Versions"
            }
          ]
        },
        {
          "product": "ProConOS",
          "vendor": "PHOENIX CONTACT",
          "versions": [
            {
              "status": "affected",
              "version": "All Versions"
            }
          ]
        },
        {
          "product": "ProConOS eCLR",
          "vendor": "PHOENIX CONTACT",
          "versions": [
            {
              "status": "affected",
              "version": "All Versions"
            }
          ]
        }
      ],
      "credits": [
        {
          "lang": "en",
          "value": "This vulnerability was reported by Forescout."
        }
      ],
      "datePublic": "2022-06-21T00:00:00.000Z",
      "descriptions": [
        {
          "lang": "en",
          "value": "An unauthenticated, remote attacker could upload malicious logic to the devices based on ProConOS/ProConOS eCLR in order to gain full control over the device."
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 9.8,
            "baseSeverity": "CRITICAL",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          }
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-345",
              "description": "CWE-345 Insufficient Verification of Data Authenticity",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2022-06-21T08:00:31.000Z",
        "orgId": "270ccfa6-a436-4e77-922e-914ec3a9685c",
        "shortName": "CERTVDE"
      },
      "references": [
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://cert.vde.com/en/advisories/VDE-2022-026/"
        }
      ],
      "source": {
        "advisory": "VDE-2022-026",
        "discovery": "EXTERNAL"
      },
      "title": "Insufficient Verification of Data Vulnerability in ProConOS/ProConOS eCLR SDK and MULTIPROG Engineering tool",
      "x_generator": {
        "engine": "Vulnogram 0.0.9"
      },
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "info@cert.vde.com",
          "DATE_PUBLIC": "2022-06-21T07:00:00.000Z",
          "ID": "CVE-2022-31801",
          "STATE": "PUBLIC",
          "TITLE": "Insufficient Verification of Data Vulnerability in ProConOS/ProConOS eCLR SDK and MULTIPROG Engineering tool"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "MULTIPROG",
                      "version": {
                        "version_data": [
                          {
                            "version_affected": "=",
                            "version_name": "All Versions",
                            "version_value": "All Versions"
                          }
                        ]
                      }
                    },
                    {
                      "product_name": "ProConOS",
                      "version": {
                        "version_data": [
                          {
                            "version_affected": "=",
                            "version_name": "All Versions",
                            "version_value": "All Versions"
                          }
                        ]
                      }
                    },
                    {
                      "product_name": "ProConOS eCLR",
                      "version": {
                        "version_data": [
                          {
                            "version_affected": "=",
                            "version_name": "All Versions",
                            "version_value": "All Versions"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "PHOENIX CONTACT"
              }
            ]
          }
        },
        "credit": [
          {
            "lang": "eng",
            "value": "This vulnerability was reported by Forescout."
          }
        ],
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "An unauthenticated, remote attacker could upload malicious logic to the devices based on ProConOS/ProConOS eCLR in order to gain full control over the device."
            }
          ]
        },
        "generator": {
          "engine": "Vulnogram 0.0.9"
        },
        "impact": {
          "cvss": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 9.8,
            "baseSeverity": "CRITICAL",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          }
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "CWE-345 Insufficient Verification of Data Authenticity"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://cert.vde.com/en/advisories/VDE-2022-026/",
              "refsource": "CONFIRM",
              "url": "https://cert.vde.com/en/advisories/VDE-2022-026/"
            }
          ]
        },
        "source": {
          "advisory": "VDE-2022-026",
          "discovery": "EXTERNAL"
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "270ccfa6-a436-4e77-922e-914ec3a9685c",
    "assignerShortName": "CERTVDE",
    "cveId": "CVE-2022-31801",
    "datePublished": "2022-06-21T08:00:31.688Z",
    "dateReserved": "2022-05-30T00:00:00.000Z",
    "dateUpdated": "2026-06-02T20:16:11.339Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.2",
  "vulnerability-lookup:meta": {
    "epss": {
      "cve": "CVE-2022-31801",
      "date": "2026-06-08",
      "epss": "0.0068",
      "percentile": "0.71989"
    },
    "nvd": "{\"cve\":{\"id\":\"CVE-2022-31801\",\"sourceIdentifier\":\"info@cert.vde.com\",\"published\":\"2022-06-21T08:15:07.587\",\"lastModified\":\"2024-11-21T07:05:21.537\",\"vulnStatus\":\"Modified\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"An unauthenticated, remote attacker could upload malicious logic to the devices based on ProConOS/ProConOS eCLR in order to gain full control over the device.\"},{\"lang\":\"es\",\"value\":\"Un atacante remoto no autenticado podr\u00eda cargar l\u00f3gica maliciosa en los dispositivos basados en ProConOS/ProConOS eCLR para conseguir el control total del dispositivo\"}],\"metrics\":{\"cvssMetricV31\":[{\"source\":\"info@cert.vde.com\",\"type\":\"Secondary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\",\"baseScore\":9.8,\"baseSeverity\":\"CRITICAL\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"NONE\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"HIGH\",\"integrityImpact\":\"HIGH\",\"availabilityImpact\":\"HIGH\"},\"exploitabilityScore\":3.9,\"impactScore\":5.9}],\"cvssMetricV2\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"2.0\",\"vectorString\":\"AV:N/AC:L/Au:N/C:C/I:C/A:C\",\"baseScore\":10.0,\"accessVector\":\"NETWORK\",\"accessComplexity\":\"LOW\",\"authentication\":\"NONE\",\"confidentialityImpact\":\"COMPLETE\",\"integrityImpact\":\"COMPLETE\",\"availabilityImpact\":\"COMPLETE\"},\"baseSeverity\":\"HIGH\",\"exploitabilityScore\":10.0,\"impactScore\":10.0,\"acInsufInfo\":false,\"obtainAllPrivilege\":false,\"obtainUserPrivilege\":false,\"obtainOtherPrivilege\":false,\"userInteractionRequired\":false}]},\"weaknesses\":[{\"source\":\"info@cert.vde.com\",\"type\":\"Secondary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-345\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:phoenixcontact:multiprog:*:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"42452860-CB53-479D-ADE1-E8166EC834C4\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:phoenixcontact:proconos:*:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"80770720-B149-44CA-B6CA-25EB8C9A115C\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:phoenixcontact-software:proconos_eclr:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"4CDFE3B8-1A42-4E5E-92BD-5F1B07EF0377\"}]}]}],\"references\":[{\"url\":\"https://cert.vde.com/en/advisories/VDE-2022-026/\",\"source\":\"info@cert.vde.com\",\"tags\":[\"Mitigation\",\"Third Party Advisory\"]},{\"url\":\"https://cert.vde.com/en/advisories/VDE-2022-026/\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Mitigation\",\"Third Party Advisory\"]}]}}",
    "vulnrichment": {
      "containers": "{\"adp\": [{\"title\": \"CVE Program Container\", \"references\": [{\"url\": \"https://cert.vde.com/en/advisories/VDE-2022-026/\", \"tags\": [\"x_refsource_CONFIRM\", \"x_transferred\"]}], \"providerMetadata\": {\"orgId\": \"af854a3a-2127-422b-91ae-364da2661108\", \"shortName\": \"CVE\", \"dateUpdated\": \"2024-08-03T07:26:01.136Z\"}}, {\"title\": \"CISA ADP Vulnrichment\", \"metrics\": [{\"other\": {\"type\": \"ssvc\", \"content\": {\"id\": \"CVE-2022-31801\", \"role\": \"CISA Coordinator\", \"options\": [{\"Exploitation\": \"none\"}, {\"Automatable\": \"yes\"}, {\"Technical Impact\": \"total\"}], \"version\": \"2.0.3\", \"timestamp\": \"2026-06-02T19:55:07.271340Z\"}}}], \"providerMetadata\": {\"orgId\": \"134c704f-9b21-4f2e-91b3-4a467353bcc0\", \"shortName\": \"CISA-ADP\", \"dateUpdated\": \"2026-06-02T19:54:59.405Z\"}}], \"cna\": {\"title\": \"Insufficient Verification of Data Vulnerability in ProConOS/ProConOS eCLR SDK and MULTIPROG Engineering tool\", \"source\": {\"advisory\": \"VDE-2022-026\", \"discovery\": \"EXTERNAL\"}, \"credits\": [{\"lang\": \"en\", \"value\": \"This vulnerability was reported by Forescout.\"}], \"metrics\": [{\"cvssV3_1\": {\"scope\": \"UNCHANGED\", \"version\": \"3.1\", \"baseScore\": 9.8, \"attackVector\": \"NETWORK\", \"baseSeverity\": \"CRITICAL\", \"vectorString\": \"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\", \"integrityImpact\": \"HIGH\", \"userInteraction\": \"NONE\", \"attackComplexity\": \"LOW\", \"availabilityImpact\": \"HIGH\", \"privilegesRequired\": \"NONE\", \"confidentialityImpact\": \"HIGH\"}}], \"affected\": [{\"vendor\": \"PHOENIX CONTACT\", \"product\": \"MULTIPROG\", \"versions\": [{\"status\": \"affected\", \"version\": \"All Versions\"}]}, {\"vendor\": \"PHOENIX CONTACT\", \"product\": \"ProConOS\", \"versions\": [{\"status\": \"affected\", \"version\": \"All Versions\"}]}, {\"vendor\": \"PHOENIX CONTACT\", \"product\": \"ProConOS eCLR\", \"versions\": [{\"status\": \"affected\", \"version\": \"All Versions\"}]}], \"datePublic\": \"2022-06-21T00:00:00.000Z\", \"references\": [{\"url\": \"https://cert.vde.com/en/advisories/VDE-2022-026/\", \"tags\": [\"x_refsource_CONFIRM\"]}], \"x_generator\": {\"engine\": \"Vulnogram 0.0.9\"}, \"descriptions\": [{\"lang\": \"en\", \"value\": \"An unauthenticated, remote attacker could upload malicious logic to the devices based on ProConOS/ProConOS eCLR in order to gain full control over the device.\"}], \"problemTypes\": [{\"descriptions\": [{\"lang\": \"en\", \"type\": \"CWE\", \"cweId\": \"CWE-345\", \"description\": \"CWE-345 Insufficient Verification of Data Authenticity\"}]}], \"providerMetadata\": {\"orgId\": \"270ccfa6-a436-4e77-922e-914ec3a9685c\", \"shortName\": \"CERTVDE\", \"dateUpdated\": \"2022-06-21T08:00:31.000Z\"}, \"x_legacyV4Record\": {\"credit\": [{\"lang\": \"eng\", \"value\": \"This vulnerability was reported by Forescout.\"}], \"impact\": {\"cvss\": {\"scope\": \"UNCHANGED\", \"version\": \"3.1\", \"baseScore\": 9.8, \"attackVector\": \"NETWORK\", \"baseSeverity\": \"CRITICAL\", \"vectorString\": \"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\", \"integrityImpact\": \"HIGH\", \"userInteraction\": \"NONE\", \"attackComplexity\": \"LOW\", \"availabilityImpact\": \"HIGH\", \"privilegesRequired\": \"NONE\", \"confidentialityImpact\": \"HIGH\"}}, \"source\": {\"advisory\": \"VDE-2022-026\", \"discovery\": \"EXTERNAL\"}, \"affects\": {\"vendor\": {\"vendor_data\": [{\"product\": {\"product_data\": [{\"version\": {\"version_data\": [{\"version_name\": \"All Versions\", \"version_value\": \"All Versions\", \"version_affected\": \"=\"}]}, \"product_name\": \"MULTIPROG\"}, {\"version\": {\"version_data\": [{\"version_name\": \"All Versions\", \"version_value\": \"All Versions\", \"version_affected\": \"=\"}]}, \"product_name\": \"ProConOS\"}, {\"version\": {\"version_data\": [{\"version_name\": \"All Versions\", \"version_value\": \"All Versions\", \"version_affected\": \"=\"}]}, \"product_name\": \"ProConOS eCLR\"}]}, \"vendor_name\": \"PHOENIX CONTACT\"}]}}, \"data_type\": \"CVE\", \"generator\": {\"engine\": \"Vulnogram 0.0.9\"}, \"references\": {\"reference_data\": [{\"url\": \"https://cert.vde.com/en/advisories/VDE-2022-026/\", \"name\": \"https://cert.vde.com/en/advisories/VDE-2022-026/\", \"refsource\": \"CONFIRM\"}]}, \"data_format\": \"MITRE\", \"description\": {\"description_data\": [{\"lang\": \"eng\", \"value\": \"An unauthenticated, remote attacker could upload malicious logic to the devices based on ProConOS/ProConOS eCLR in order to gain full control over the device.\"}]}, \"problemtype\": {\"problemtype_data\": [{\"description\": [{\"lang\": \"eng\", \"value\": \"CWE-345 Insufficient Verification of Data Authenticity\"}]}]}, \"data_version\": \"4.0\", \"CVE_data_meta\": {\"ID\": \"CVE-2022-31801\", \"STATE\": \"PUBLIC\", \"TITLE\": \"Insufficient Verification of Data Vulnerability in ProConOS/ProConOS eCLR SDK and MULTIPROG Engineering tool\", \"ASSIGNER\": \"info@cert.vde.com\", \"DATE_PUBLIC\": \"2022-06-21T07:00:00.000Z\"}}}}",
      "cveMetadata": "{\"cveId\": \"CVE-2022-31801\", \"state\": \"PUBLISHED\", \"dateUpdated\": \"2026-06-02T20:16:11.339Z\", \"dateReserved\": \"2022-05-30T00:00:00.000Z\", \"assignerOrgId\": \"270ccfa6-a436-4e77-922e-914ec3a9685c\", \"datePublished\": \"2022-06-21T08:00:31.688Z\", \"assignerShortName\": \"CERTVDE\"}",
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }
  }
}

FKIE_CVE-2022-31801

Vulnerability from fkie_nvd - Published: 2022-06-21 08:15 - Updated: 2024-11-21 07:05

Severity

9.8 (Critical) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Summary

An unauthenticated, remote attacker could upload malicious logic to the devices based on ProConOS/ProConOS eCLR in order to gain full control over the device.

References

	URL	Tags
	info@cert.vde.com	https://cert.vde.com/en/advisories/VDE-2022-026/	Mitigation, Third Party Advisory
	af854a3a-2127-422b-91ae-364da2661108	https://cert.vde.com/en/advisories/VDE-2022-026/	Mitigation, Third Party Advisory

Impacted products

Vendor	Product	Version
phoenixcontact	multiprog	*
phoenixcontact	proconos	*
phoenixcontact-software	proconos_eclr	-

JSON

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:phoenixcontact:multiprog:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "42452860-CB53-479D-ADE1-E8166EC834C4",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:phoenixcontact:proconos:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "80770720-B149-44CA-B6CA-25EB8C9A115C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:phoenixcontact-software:proconos_eclr:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "4CDFE3B8-1A42-4E5E-92BD-5F1B07EF0377",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "An unauthenticated, remote attacker could upload malicious logic to the devices based on ProConOS/ProConOS eCLR in order to gain full control over the device."
    },
    {
      "lang": "es",
      "value": "Un atacante remoto no autenticado podr\u00eda cargar l\u00f3gica maliciosa en los dispositivos basados en ProConOS/ProConOS eCLR para conseguir el control total del dispositivo"
    }
  ],
  "id": "CVE-2022-31801",
  "lastModified": "2024-11-21T07:05:21.537",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "HIGH",
        "cvssData": {
          "accessComplexity": "LOW",
          "accessVector": "NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "COMPLETE",
          "baseScore": 10.0,
          "confidentialityImpact": "COMPLETE",
          "integrityImpact": "COMPLETE",
          "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
          "version": "2.0"
        },
        "exploitabilityScore": 10.0,
        "impactScore": 10.0,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ],
    "cvssMetricV31": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "HIGH",
          "baseScore": 9.8,
          "baseSeverity": "CRITICAL",
          "confidentialityImpact": "HIGH",
          "integrityImpact": "HIGH",
          "privilegesRequired": "NONE",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
          "version": "3.1"
        },
        "exploitabilityScore": 3.9,
        "impactScore": 5.9,
        "source": "info@cert.vde.com",
        "type": "Secondary"
      }
    ]
  },
  "published": "2022-06-21T08:15:07.587",
  "references": [
    {
      "source": "info@cert.vde.com",
      "tags": [
        "Mitigation",
        "Third Party Advisory"
      ],
      "url": "https://cert.vde.com/en/advisories/VDE-2022-026/"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Mitigation",
        "Third Party Advisory"
      ],
      "url": "https://cert.vde.com/en/advisories/VDE-2022-026/"
    }
  ],
  "sourceIdentifier": "info@cert.vde.com",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-345"
        }
      ],
      "source": "info@cert.vde.com",
      "type": "Secondary"
    }
  ]
}

GHSA-JGP8-HJ42-F7F6

Vulnerability from github – Published: 2022-06-22 00:01 – Updated: 2022-06-22 00:01

Details

An unauthenticated, remote attacker could upload malicious logic to the devices based on ProConOS/ProConOS eCLR in order to gain full control over the device.

Severity

9.8 (Critical)


                  
                    CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Show details on source website

JSON

To clipboard

{
  "affected": [],
  "aliases": [
    "CVE-2022-31801"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-345"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2022-06-21T08:15:00Z",
    "severity": "CRITICAL"
  },
  "details": "An unauthenticated, remote attacker could upload malicious logic to the devices based on ProConOS/ProConOS eCLR in order to gain full control over the device.",
  "id": "GHSA-jgp8-hj42-f7f6",
  "modified": "2022-06-22T00:01:01Z",
  "published": "2022-06-22T00:01:01Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2022-31801"
    },
    {
      "type": "WEB",
      "url": "https://cert.vde.com/en/advisories/VDE-2022-026"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
      "type": "CVSS_V3"
    }
  ]
}

GSD-2022-31801

Vulnerability from gsd - Updated: 2023-12-13 01:19

Details

An unauthenticated, remote attacker could upload malicious logic to the devices based on ProConOS/ProConOS eCLR in order to gain full control over the device.

Aliases

CVE-2022-31801

Aliases

CVE-2022-31801

JSON

To clipboard

{
  "GSD": {
    "alias": "CVE-2022-31801",
    "description": "An unauthenticated, remote attacker could upload malicious logic to the devices based on ProConOS/ProConOS eCLR in order to gain full control over the device.",
    "id": "GSD-2022-31801"
  },
  "gsd": {
    "metadata": {
      "exploitCode": "unknown",
      "remediation": "unknown",
      "reportConfidence": "confirmed",
      "type": "vulnerability"
    },
    "osvSchema": {
      "aliases": [
        "CVE-2022-31801"
      ],
      "details": "An unauthenticated, remote attacker could upload malicious logic to the devices based on ProConOS/ProConOS eCLR in order to gain full control over the device.",
      "id": "GSD-2022-31801",
      "modified": "2023-12-13T01:19:18.048036Z",
      "schema_version": "1.4.0"
    }
  },
  "namespaces": {
    "cve.org": {
      "CVE_data_meta": {
        "ASSIGNER": "info@cert.vde.com",
        "DATE_PUBLIC": "2022-06-21T07:00:00.000Z",
        "ID": "CVE-2022-31801",
        "STATE": "PUBLIC",
        "TITLE": "Insufficient Verification of Data Vulnerability in ProConOS/ProConOS eCLR SDK and MULTIPROG Engineering tool"
      },
      "affects": {
        "vendor": {
          "vendor_data": [
            {
              "product": {
                "product_data": [
                  {
                    "product_name": "MULTIPROG",
                    "version": {
                      "version_data": [
                        {
                          "version_affected": "=",
                          "version_name": "All Versions",
                          "version_value": "All Versions"
                        }
                      ]
                    }
                  },
                  {
                    "product_name": "ProConOS",
                    "version": {
                      "version_data": [
                        {
                          "version_affected": "=",
                          "version_name": "All Versions",
                          "version_value": "All Versions"
                        }
                      ]
                    }
                  },
                  {
                    "product_name": "ProConOS eCLR\t",
                    "version": {
                      "version_data": [
                        {
                          "version_affected": "=",
                          "version_name": "All Versions",
                          "version_value": "All Versions"
                        }
                      ]
                    }
                  }
                ]
              },
              "vendor_name": "PHOENIX CONTACT"
            }
          ]
        }
      },
      "credit": [
        {
          "lang": "eng",
          "value": "This vulnerability was reported by Forescout."
        }
      ],
      "data_format": "MITRE",
      "data_type": "CVE",
      "data_version": "4.0",
      "description": {
        "description_data": [
          {
            "lang": "eng",
            "value": "An unauthenticated, remote attacker could upload malicious logic to the devices based on ProConOS/ProConOS eCLR in order to gain full control over the device."
          }
        ]
      },
      "generator": {
        "engine": "Vulnogram 0.0.9"
      },
      "impact": {
        "cvss": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "HIGH",
          "baseScore": 9.8,
          "baseSeverity": "CRITICAL",
          "confidentialityImpact": "HIGH",
          "integrityImpact": "HIGH",
          "privilegesRequired": "NONE",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
          "version": "3.1"
        }
      },
      "problemtype": {
        "problemtype_data": [
          {
            "description": [
              {
                "lang": "eng",
                "value": "CWE-345 Insufficient Verification of Data Authenticity"
              }
            ]
          }
        ]
      },
      "references": {
        "reference_data": [
          {
            "name": "https://cert.vde.com/en/advisories/VDE-2022-026/",
            "refsource": "CONFIRM",
            "url": "https://cert.vde.com/en/advisories/VDE-2022-026/"
          }
        ]
      },
      "source": {
        "advisory": "VDE-2022-026",
        "discovery": "EXTERNAL"
      }
    },
    "nvd.nist.gov": {
      "configurations": {
        "CVE_data_version": "4.0",
        "nodes": [
          {
            "children": [],
            "cpe_match": [
              {
                "cpe23Uri": "cpe:2.3:a:phoenixcontact:multiprog:*:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:phoenixcontact:proconos:*:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:phoenixcontact-software:proconos_eclr:-:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              }
            ],
            "operator": "OR"
          }
        ]
      },
      "cve": {
        "CVE_data_meta": {
          "ASSIGNER": "info@cert.vde.com",
          "ID": "CVE-2022-31801"
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "en",
              "value": "An unauthenticated, remote attacker could upload malicious logic to the devices based on ProConOS/ProConOS eCLR in order to gain full control over the device."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "en",
                  "value": "CWE-345"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://cert.vde.com/en/advisories/VDE-2022-026/",
              "refsource": "CONFIRM",
              "tags": [
                "Mitigation",
                "Third Party Advisory"
              ],
              "url": "https://cert.vde.com/en/advisories/VDE-2022-026/"
            }
          ]
        }
      },
      "impact": {
        "baseMetricV2": {
          "acInsufInfo": false,
          "cvssV2": {
            "accessComplexity": "LOW",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "availabilityImpact": "COMPLETE",
            "baseScore": 10.0,
            "confidentialityImpact": "COMPLETE",
            "integrityImpact": "COMPLETE",
            "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
            "version": "2.0"
          },
          "exploitabilityScore": 10.0,
          "impactScore": 10.0,
          "obtainAllPrivilege": false,
          "obtainOtherPrivilege": false,
          "obtainUserPrivilege": false,
          "severity": "HIGH",
          "userInteractionRequired": false
        },
        "baseMetricV3": {
          "cvssV3": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 9.8,
            "baseSeverity": "CRITICAL",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "exploitabilityScore": 3.9,
          "impactScore": 5.9
        }
      },
      "lastModifiedDate": "2022-06-28T17:45Z",
      "publishedDate": "2022-06-21T08:15Z"
    }
  }
}

ICSA-22-172-04

Vulnerability from csaf_cisa - Published: 2022-06-21 00:00 - Updated: 2022-06-21 00:00

Summary

Phoenix Contact ProConOS and MULTIPROG

Notes

CISA Disclaimer: This CSAF advisory was extracted from unstructured data and may contain inaccuracies. If you notice any errors, please reach out to the designated contact at CISA CSAF: central@cisa.dhs.gov

Legal Notice: All information products included in https://us-cert.cisa.gov/ics are provided "as is" for informational purposes only. The Department of Homeland Security (DHS) does not provide any warranties of any kind regarding any information contained within. DHS does not endorse any commercial product or service, referenced in this product or otherwise. Further dissemination of this product is governed by the Traffic Light Protocol (TLP) marking in the header. For more information about TLP, see https://us-cert.cisa.gov/tlp/.

Risk evaluation: Successful exploitation of this vulnerability could allow an attacker to upload arbitrary malicious code after gaining access to the communication to products utilizing ProConOS/ProConOS eCLR or MULTIPROG.

Critical infrastructure sectors: Multiple Sectors

Countries/areas deployed: Worldwide

Company headquarters location: Germany

Recommended Practices: CISA recommends users take defensive measures to minimize the risk of exploitation of this vulnerability. Specifically, users should:

Recommended Practices: CISA reminds organizations to perform proper impact analysis and risk assessment prior to deploying defensive measures. CISA also provides a section for control systems security recommended practices on the ICS webpage on cisa.gov/icsSeveral recommended practices are available for reading and download, including Improving Industrial Control Systems Cybersecurity with Defense-in-Depth Strategies.

Recommended Practices: Additional mitigation guidance and recommended practices are publicly available on the ICS webpage on cisa.gov/icsin the Technical Information Paper, ICS-TIP-12-146-01B--Targeted Cyber Intrusion Detection and Mitigation Strategies. Organizations observing any suspected malicious activity should follow their established internal procedures and report their findings to CISA for tracking and correlation against other incidents.

Exploitability: No known public exploits specifically target this vulnerability.

CVE-2022-31801

9.8 (Critical)


                        
                          CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

CWE-345 - Insufficient Verification of Data Authenticity

Affected products

Known affected 3 products

Product	Version	Remediation
MULTIPROG: All versions Phoenix Contact / MULTIPROG	vers:all/*	Mitigation Mitigation Mitigation Mitigation Mitigation Mitigation Mitigation fix
ProConoS: All versions Phoenix Contact / ProConoS	vers:all/*	Mitigation Mitigation Mitigation Mitigation Mitigation Mitigation Mitigation fix
ProConoS eCLR: All versions Phoenix Contact / ProConoS eCLR	vers:all/*	Mitigation Mitigation Mitigation Mitigation Mitigation Mitigation Mitigation fix

References

7 references

URL	Category
https://raw.githubusercontent.com/cisagov/CSAF/de…	self
https://www.cisa.gov/news-events/ics-advisories/i…	self
https://www.cisa.gov/uscert/ics/alerts/ICS-ALERT-…	external
https://www.cisa.gov/uscert/sites/default/files/r…	external
https://www.cisa.gov/uscert/ics/tips/ICS-TIP-12-146-01B	external
http://web.nvd.nist.gov/view/vuln/detail?vulnId=C…	external
https://www.first.org/cvss/calculator/3.0#CVSS:3.…	external

Acknowledgments

Forescout Technologies Daniel dos Santos Jos Wetzels

JSON

To clipboard

{
  "document": {
    "acknowledgments": [
      {
        "names": [
          "Daniel dos Santos",
          "Jos Wetzels"
        ],
        "organization": "Forescout Technologies",
        "summary": "reporting this vulnerability to CISA"
      }
    ],
    "category": "csaf_security_advisory",
    "csaf_version": "2.0",
    "distribution": {
      "text": "Disclosure is not limited",
      "tlp": {
        "label": "WHITE",
        "url": "https://us-cert.cisa.gov/tlp/"
      }
    },
    "lang": "en-US",
    "notes": [
      {
        "category": "general",
        "text": "This CSAF advisory was extracted from unstructured data and may contain inaccuracies. If you notice any errors, please reach out to the designated contact at CISA CSAF: central@cisa.dhs.gov",
        "title": "CISA Disclaimer"
      },
      {
        "category": "legal_disclaimer",
        "text": "All information products included in https://us-cert.cisa.gov/ics are provided \"as is\" for informational purposes only. The Department of Homeland Security (DHS) does not provide any warranties of any kind regarding any information contained within. DHS does not endorse any commercial product or service, referenced in this product or otherwise. Further dissemination of this product is governed by the Traffic Light Protocol (TLP) marking in the header. For more information about TLP, see https://us-cert.cisa.gov/tlp/.",
        "title": "Legal Notice"
      },
      {
        "category": "summary",
        "text": "Successful exploitation of this vulnerability could allow an attacker to upload arbitrary malicious code after gaining access to the communication to products utilizing ProConOS/ProConOS eCLR or MULTIPROG.",
        "title": "Risk evaluation"
      },
      {
        "category": "other",
        "text": "Multiple Sectors",
        "title": "Critical infrastructure sectors"
      },
      {
        "category": "other",
        "text": "Worldwide",
        "title": "Countries/areas deployed"
      },
      {
        "category": "other",
        "text": "Germany",
        "title": "Company headquarters location"
      },
      {
        "category": "general",
        "text": "CISA recommends users take defensive measures to minimize the risk of exploitation of this vulnerability. Specifically, users should:",
        "title": "Recommended Practices"
      },
      {
        "category": "general",
        "text": "CISA reminds organizations to perform proper impact analysis and risk assessment prior to deploying defensive measures.\nCISA also provides a section for control systems security recommended practices on the ICS webpage on cisa.gov/icsSeveral recommended practices are available for reading and download, including Improving Industrial Control Systems Cybersecurity with Defense-in-Depth Strategies.",
        "title": "Recommended Practices"
      },
      {
        "category": "general",
        "text": "Additional mitigation guidance and recommended practices are publicly available on the ICS webpage on cisa.gov/icsin the Technical Information Paper, ICS-TIP-12-146-01B--Targeted Cyber Intrusion Detection and Mitigation Strategies.\nOrganizations observing any suspected malicious activity should follow their established internal procedures and report their findings to CISA for tracking and correlation against other incidents.",
        "title": "Recommended Practices"
      },
      {
        "category": "other",
        "text": "No known public exploits specifically target this vulnerability.",
        "title": "Exploitability"
      }
    ],
    "publisher": {
      "category": "coordinator",
      "contact_details": "Email: CISAservicedesk@cisa.dhs.gov;\n Toll Free: 1-888-282-0870",
      "name": "CISA",
      "namespace": "https://www.cisa.gov/"
    },
    "references": [
      {
        "category": "self",
        "summary": "ICS Advisory ICSA-22-172-04 JSON",
        "url": "https://raw.githubusercontent.com/cisagov/CSAF/develop/csaf_files/OT/white/2022/icsa-22-172-04.json"
      },
      {
        "category": "self",
        "summary": "ICS Advisory ICSA-22-172-04 Web Version",
        "url": "https://www.cisa.gov/news-events/ics-advisories/icsa-22-172-04"
      },
      {
        "category": "external",
        "summary": "Recommended Practices",
        "url": "https://www.cisa.gov/uscert/ics/alerts/ICS-ALERT-10-301-01"
      },
      {
        "category": "external",
        "summary": "Recommended Practices",
        "url": "https://www.cisa.gov/uscert/sites/default/files/recommended_practices/NCCIC_ICS-CERT_Defense_in_Depth_2016_S508C.pdf"
      },
      {
        "category": "external",
        "summary": "Recommended Practices",
        "url": "https://www.cisa.gov/uscert/ics/tips/ICS-TIP-12-146-01B"
      }
    ],
    "title": "Phoenix Contact ProConOS and MULTIPROG",
    "tracking": {
      "current_release_date": "2022-06-21T00:00:00.000000Z",
      "generator": {
        "engine": {
          "name": "CISA CSAF Generator",
          "version": "1.0.0"
        }
      },
      "id": "ICSA-22-172-04",
      "initial_release_date": "2022-06-21T00:00:00.000000Z",
      "revision_history": [
        {
          "date": "2022-06-21T00:00:00.000000Z",
          "legacy_version": "Initial",
          "number": "1",
          "summary": "Publication Date"
        }
      ],
      "status": "final",
      "version": "1"
    }
  },
  "product_tree": {
    "branches": [
      {
        "branches": [
          {
            "branches": [
              {
                "category": "product_version",
                "name": "vers:all/*",
                "product": {
                  "name": "MULTIPROG: All versions",
                  "product_id": "CSAFPID-0001"
                }
              }
            ],
            "category": "product_name",
            "name": "MULTIPROG"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "vers:all/*",
                "product": {
                  "name": "ProConoS: All versions",
                  "product_id": "CSAFPID-0002"
                }
              }
            ],
            "category": "product_name",
            "name": "ProConoS"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "vers:all/*",
                "product": {
                  "name": "ProConoS eCLR: All versions",
                  "product_id": "CSAFPID-0003"
                }
              }
            ],
            "category": "product_name",
            "name": "ProConoS eCLR"
          }
        ],
        "category": "vendor",
        "name": "Phoenix Contact"
      }
    ]
  },
  "vulnerabilities": [
    {
      "cve": "CVE-2022-31801",
      "cwe": {
        "id": "CWE-345",
        "name": "Insufficient Verification of Data Authenticity"
      },
      "notes": [
        {
          "category": "summary",
          "text": "The affected product lacks an integrity check in the SDK, which could allow an attacker to upload logic with arbitrary malicious code.CVE-2022-31801 has been assigned to this vulnerability. A CVSS v3 base score of 9.8 has been calculated; the CVSS vector string is (AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H).",
          "title": "Vulnerability Summary"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-0001",
          "CSAFPID-0002",
          "CSAFPID-0003"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "web.nvd.nist.gov",
          "url": "http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2022-31801"
        },
        {
          "category": "external",
          "summary": "www.first.org",
          "url": "https://www.first.org/cvss/calculator/3.0#CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
        }
      ],
      "remediations": [
        {
          "category": "mitigation",
          "details": "Industrial controllers based on ProConOS/ProConOS eCLR are typically developed and designed for use in closed industrial networks using a defense-in-depth approach and focusing on network segmentation. In such an approach, the production plant is protected against attacks (especially from the outside) by a multi-level perimeter, including firewalls, as well as dividing the plant into OT zones. This concept is supported by organizational measures in the production plant as part of a security management system. To accomplish such security, measures are required at all levels.",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003"
          ]
        },
        {
          "category": "mitigation",
          "details": "Manufacturers using ProConOS/ProConOS eCLR in automation devices are advised to check implementation and publish an advisory according to their product.",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003"
          ]
        },
        {
          "category": "mitigation",
          "details": "Users of automation devices utilizing ProConOS/ProConOS eCLR in their automation systems may check if their application requires additional security measures, such as adequate defense-in-depth networking architecture, the use of virtual private networks (VPNs) for remote access, or the use of firewalls for network segmentation or controller isolation. Users should check manufacturer security advisories for more adequate information according to their dedicated device.",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003"
          ]
        },
        {
          "category": "mitigation",
          "details": "Users should ensure logic is always transferred or stored in protected environments. This is valid for data in transmission as well as data in rest.",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003"
          ]
        },
        {
          "category": "mitigation",
          "details": "Users should ensure connections between the engineering tools and the controller are located in a locally protected environment or protected by VPN for remote access.",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003"
          ]
        },
        {
          "category": "mitigation",
          "details": "Do not send project data as a file via email or other transfer mechanisms without additional integrity and authenticity checks. Save project data in protected environments only.",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003"
          ]
        },
        {
          "category": "mitigation",
          "details": "Generic information and recommendations for security measures to protect network-capable devices can be found in the Application Note.",
          "product_ids": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003"
          ],
          "url": "https://dam-mdc.phoenixcontact.com/asset/156443151564/0a870ae433c19148b80bd760f3a1c1f2/107913_en_03.pdf"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 9.8,
            "baseSeverity": "CRITICAL",
            "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.0"
          },
          "products": [
            "CSAFPID-0001",
            "CSAFPID-0002",
            "CSAFPID-0003"
          ]
        }
      ]
    }
  ]
}

VDE-2022-026

Vulnerability from csaf_phoenixcontactgmbhcokg - Published: 2022-06-21 05:16 - Updated: 2025-05-22 13:03

Summary

PHOENIX CONTACT: Vulnerability in ProConOS/ProConOS eCLR SDK and MULTIPROG Engineering tool

Notes

Summary: ProConOS/ProConOS eCLR insufficiently verifies uploaded data.

Impact: The identified vulnerability allows attackers uploading logic with arbitrary malicious code oncehaving access to the communication to products that are utilizing ProConOS/ProConOS eCLR.Attackers must have network or physical controller access to exploit this vulnerability. Thisvulnerability affects all versions of ProConOS/ProConOS eCLR and MULTIPROG from PhoenixContact Software (formerly KW-Software).

Mitigation: Manufacturers using ProConOS/ProConOS eCLR in their automation devices are advised tocheck their implementation and may publish an advisory according to their product. Users of automation devices utilizing ProConOS/ProConOS eCLR in their automation systemsmay check if their application requires additional security measures like an adequate defense–in-depth networking architecture, the use of virtual private networks (VPNs) for remote access,as well as the use of firewalls for network segmentation or controller isolation. Users should check their manufacturers security advisories for more adequate informationaccording to their dedicated device. Users should ensure that the logic is always transferred or stored in protected environments.This is valid for data in transmission as well as data in rest. Connections between theEngineering Tools and the controller must always be in a locally protected environment orprotected by VPN for remote access. Project data shouldn't send as a file via e-mail or othertransfer mechanisms without additional integrity and authenticity checks.Project data should save in protected environments only. Generic information and recommendations for security measures to protect network-capabledevices can be found in the application note.

CVE-2022-31801

An unauthenticated, remote attacker could upload malicious logic to the devices based on ProConOS/ProConOS eCLR in order to gain full control over the device.

9.8 (Critical)


                        
                          CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

CWE-345 - Insufficient Verification of Data Authenticity

Mitigation Manufacturers using ProConOS/ProConOS eCLR in their automation devices are advised to check their implementation and may publish an advisory according to their product. Users of automation devices utilizing ProConOS/ProConOS eCLR in their automation systems may check if their application requires additional security measures like an adequate defense– in-depth networking architecture, the use of virtual private networks (VPNs) for remote access, as well as the use of firewalls for network segmentation or controller isolation. Users should check their manufacturers security advisories for more adequate information according to their dedicated device. Users should ensure that the logic is always transferred or stored in protected environments. This is valid for data in transmission as well as data in rest. Connections between the Engineering Tools and the controller must always be in a locally protected environment or protected by VPN for remote access. Project data shouldn't send as a file via e-mail or other transfer mechanisms without additional integrity and authenticity checks. Project data should save in protected environments only. Generic information and recommendations for security measures to protect network-capable devices can be found in the application note.

Affected products

Known affected 3 products

Product	Identifier	Version	Remediation
MULTIPROG vers:all/* Phoenix Contact / Software / MULTIPROG		vers:all/*
ProConOS vers:all/* Phoenix Contact / Software / ProConOS		vers:all/*
ProConOS eCLR vers:all/* Phoenix Contact / Software / ProConOS eCLR		vers:all/*

References

4 references

URL	Category
https://phoenixcontact.com/psirt	external
https://certvde.com/en/advisories/vendor/phoenixc…	external
https://certvde.com/en/advisories/VDE-2022-026/	self
https://phoenixcontact.csaf-tp.certvde.com/.well-…	self

Acknowledgments

CERT@VDE

Forescout

JSON

To clipboard

{
  "document": {
    "acknowledgments": [
      {
        "organization": "CERT@VDE",
        "summary": "coordination"
      },
      {
        "organization": "Forescout",
        "summary": "reporting."
      }
    ],
    "category": "csaf_security_advisory",
    "csaf_version": "2.0",
    "distribution": {
      "tlp": {
        "label": "WHITE",
        "url": "https://www.first.org/tlp/"
      }
    },
    "lang": "en-GB",
    "notes": [
      {
        "category": "summary",
        "text": "ProConOS/ProConOS eCLR insufficiently\u00a0verifies uploaded data.",
        "title": "Summary"
      },
      {
        "category": "description",
        "text": "The identified vulnerability allows attackers uploading logic with arbitrary malicious code oncehaving access to the communication to products that are utilizing ProConOS/ProConOS eCLR.Attackers must have network or physical controller access to exploit this vulnerability. Thisvulnerability affects all versions of ProConOS/ProConOS eCLR and MULTIPROG from PhoenixContact Software (formerly KW-Software).",
        "title": "Impact"
      },
      {
        "category": "description",
        "text": "Manufacturers using ProConOS/ProConOS eCLR in their automation devices are advised tocheck their implementation and may publish an advisory according to their product.\nUsers of automation devices utilizing ProConOS/ProConOS eCLR in their automation systemsmay check if their application requires additional security measures like an adequate defense\u2013in-depth networking architecture, the use of virtual private networks (VPNs) for remote access,as well as the use of firewalls for network segmentation or controller isolation.\nUsers should check their manufacturers security advisories for more adequate informationaccording to their dedicated device.\nUsers should ensure that the logic is always transferred or stored in protected environments.This is valid for data in transmission as well as data in rest. Connections between theEngineering Tools and the controller must always be in a locally protected environment orprotected by VPN for remote access. Project data shouldn\u0027t send as a file via e-mail or othertransfer mechanisms without additional integrity and authenticity checks.Project data should save in protected environments only.\nGeneric information and recommendations for security measures to protect network-capabledevices can be found in the application note.",
        "title": "Mitigation"
      }
    ],
    "publisher": {
      "category": "vendor",
      "contact_details": "psirt@phoenixcontact.com",
      "name": "Phoenix Contact GmbH \u0026 Co. KG",
      "namespace": "https://phoenixcontact.com/psirt"
    },
    "references": [
      {
        "category": "external",
        "summary": "PHOENIX CONTACT PSIRT ",
        "url": "https://phoenixcontact.com/psirt"
      },
      {
        "category": "external",
        "summary": "CERT@VDE Security Advisories for PHOENIX CONTACT",
        "url": "https://certvde.com/en/advisories/vendor/phoenixcontact/"
      },
      {
        "category": "self",
        "summary": "VDE-2022-026: PHOENIX CONTACT: Vulnerability in ProConOS/ProConOS eCLR SDK and MULTIPROG Engineering tool - HTML",
        "url": "https://certvde.com/en/advisories/VDE-2022-026/"
      },
      {
        "category": "self",
        "summary": "VDE-2022-026: PHOENIX CONTACT: Vulnerability in ProConOS/ProConOS eCLR SDK and MULTIPROG Engineering tool - CSAF",
        "url": "https://phoenixcontact.csaf-tp.certvde.com/.well-known/csaf/white/2022/vde-2022-026.json"
      }
    ],
    "title": "PHOENIX CONTACT: Vulnerability in ProConOS/ProConOS eCLR SDK and MULTIPROG Engineering tool",
    "tracking": {
      "aliases": [
        "VDE-2022-026"
      ],
      "current_release_date": "2025-05-22T13:03:10.000Z",
      "generator": {
        "date": "2025-04-09T07:58:21.647Z",
        "engine": {
          "name": "Secvisogram",
          "version": "2.5.22"
        }
      },
      "id": "VDE-2022-026",
      "initial_release_date": "2022-06-21T05:16:00.000Z",
      "revision_history": [
        {
          "date": "2022-06-21T05:16:00.000Z",
          "number": "1",
          "summary": "Initial revision."
        },
        {
          "date": "2025-05-22T13:03:10.000Z",
          "number": "2",
          "summary": "Fix: added distribution, quotation mark"
        }
      ],
      "status": "final",
      "version": "2"
    }
  },
  "product_tree": {
    "branches": [
      {
        "branches": [
          {
            "branches": [
              {
                "branches": [
                  {
                    "category": "product_version_range",
                    "name": "vers:all/*",
                    "product": {
                      "name": "MULTIPROG vers:all/*",
                      "product_id": "CSAFPID-51001"
                    }
                  }
                ],
                "category": "product_name",
                "name": "MULTIPROG"
              },
              {
                "branches": [
                  {
                    "category": "product_version_range",
                    "name": "vers:all/*",
                    "product": {
                      "name": "ProConOS vers:all/*",
                      "product_id": "CSAFPID-51002"
                    }
                  }
                ],
                "category": "product_name",
                "name": "ProConOS"
              },
              {
                "branches": [
                  {
                    "category": "product_version_range",
                    "name": "vers:all/*",
                    "product": {
                      "name": "ProConOS eCLR vers:all/*",
                      "product_id": "CSAFPID-51003"
                    }
                  }
                ],
                "category": "product_name",
                "name": "ProConOS eCLR"
              }
            ],
            "category": "product_family",
            "name": "Software"
          }
        ],
        "category": "vendor",
        "name": "Phoenix Contact"
      }
    ],
    "product_groups": [
      {
        "group_id": "CSAFGID-0001",
        "product_ids": [
          "CSAFPID-51001",
          "CSAFPID-51002",
          "CSAFPID-51003"
        ],
        "summary": "Affected Products"
      }
    ]
  },
  "vulnerabilities": [
    {
      "cve": "CVE-2022-31801",
      "cwe": {
        "id": "CWE-345",
        "name": "Insufficient Verification of Data Authenticity"
      },
      "notes": [
        {
          "category": "description",
          "text": "An unauthenticated, remote attacker could upload malicious logic to the devices based on ProConOS/ProConOS eCLR in order to gain full control over the device.",
          "title": "Vulnerability Description"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-51001",
          "CSAFPID-51002",
          "CSAFPID-51003"
        ]
      },
      "remediations": [
        {
          "category": "mitigation",
          "details": "Manufacturers using ProConOS/ProConOS eCLR in their automation devices are advised to\ncheck their implementation and may publish an advisory according to their product.\n\nUsers of automation devices utilizing ProConOS/ProConOS eCLR in their automation systems\nmay check if their application requires additional security measures like an adequate defense\u2013\nin-depth networking architecture, the use of virtual private networks (VPNs) for remote access,\nas well as the use of firewalls for network segmentation or controller isolation.\n\nUsers should check their manufacturers security advisories for more adequate information\naccording to their dedicated device.\n\nUsers should ensure that the logic is always transferred or stored in protected environments.\nThis is valid for data in transmission as well as data in rest. Connections between the\nEngineering Tools and the controller must always be in a locally protected environment or\nprotected by VPN for remote access. Project data shouldn\u0027t send as a file via e-mail or other\ntransfer mechanisms without additional integrity and authenticity checks.\nProject data should save in protected environments only.\n\nGeneric information and recommendations for security measures to protect network-capable\ndevices can be found in the application note.",
          "group_ids": [
            "CSAFGID-0001"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 9.8,
            "baseSeverity": "CRITICAL",
            "confidentialityImpact": "HIGH",
            "environmentalScore": 9.8,
            "environmentalSeverity": "CRITICAL",
            "integrityImpact": "HIGH",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "temporalScore": 9.8,
            "temporalSeverity": "CRITICAL",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-51001",
            "CSAFPID-51002",
            "CSAFPID-51003"
          ]
        }
      ],
      "title": "CVE-2022-31801"
    }
  ]
}

Sightings

Author	Source	Type	Date	Other

Nomenclature

Seen: The vulnerability was mentioned, discussed, or observed by the user.
Confirmed: The vulnerability has been validated from an analyst's perspective.
Published Proof of Concept: A public proof of concept is available for this vulnerability.
Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
Not confirmed: The user expressed doubt about the validity of the vulnerability.
Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.

Detection rules are retrieved from Rulezet.

Action not permitted

CVE-2022-31801 (GCVE-0-2022-31801)

FKIE_CVE-2022-31801

GHSA-JGP8-HJ42-F7F6

GSD-2022-31801

ICSA-22-172-04

VDE-2022-026

Tags

Sightings

Nomenclature